There has always been a need in society for verifying a person's identity for a variety of purposes. Modern day scientific technology has adopted the widespread use of computers and related mechanisms for the purposes of giving credit, performing electronic funds transfer, and so forth. In all facets of the financial community including the retail industry, the securities industry, banking and the like, sums of money, securities and/or materials are transferred between owners based on the reliance of one person on the purported identity of another. Electronic systems including various cryptographic instruments together with secret identity numbers or keys provide a certain amount of security; however, the amount of security is predicated upon the degree of secrecy with which one is able to secure his own special identification key. Obviously, once a person's key is learned by another, presumably an unauthorized person, the other person may falsely assume his identity for a wide variety of electronic applications.
Identity verification by means of written signatures has long been known in the art, and helps to eliminate the possibility of an unauthorized person from learning information through which he can falsely assume another's identity. However, most known systems have various shortcomings. Simply matching the appearance of a recorded signature is not satisfactory as expert forgers can usually duplicate the appearance of a person's signature as well as the person himself. The result of this is that when an expert forger is involved, even expert document examiners are frequently unable to discover that the signature is forged.
Recent developments in the field of signature verification are exemplified by U.S. Pat. Nos. 3,983,535 and 4,128,829 of Herbst et al. These developments take advantage of the fact that the acceleration of and/or the pressure on a stylus or writing instrument can be predetermined and matched to an individual when he signs his name. The signature verification method of U.S. Pat. No. 3,983,535 is based on a single acceleration parameter, while the latter named patent is based upon two acceleration components and axial pen pressure.
The aforementioned developments, however, depend upon comparing a sample signature to be verified against an unchanging set of stored reference signatures. Thus, if an individual signer changes his writing style significantly, his signature will be rejected when compared with the reference signatures.
Further developments in the art of the reference generation process which modify the original reference based on later signatures is described in the literature by Chainer et al in the IBM Technical Disclosure Bulletin, Vol. 27, No. 7A, 12/84 p. 4033.
Another development which improves the reference by using feedback to modify the verification parameter is well known in the art and is described by Chainer et al in the IBM Technical Disclosure Bulletin, Vol. 27, No. 7B, 12/84, pp. 4582-4583.
Research experiments with dynamic signature verification methods identify two distinct population characteristics which cause an individual's writing style to change. First, a small percentage of the population has some difficulty in becoming acclimated to an electronic signature verification system. This effect is attributed to a technology-phobic reaction, for some, and, more predominantly, to an "immature signature" in others, that is, a signature which is inconsistent from one signing to the next. The latter is usually a result of those individuals having only rarely been required to sign their name so that they have yet to develop a ballistic signature. For whatever the reason, however, these few individuals may take between 1 and 2 weeks of daily signing to establish a consistent and repeatable signature. With a non-adaptive signature verification design, these individuals are required to re-enroll after they have established a consistent signature. They are not able to successfully use the signature verification system until that time. Secondly, almost all individuals slowly vary their signatures in time. For some, the migration from their signature at the time of enrollment is so slow that they can successfully use a signature verification system for the duration of tests we have conducted, typically 3 months. However, analysis shows that even these individuals degrade from their original performance in the system as the test progresses in time. A very extensive test would be required to determine the performance of a signature verification system over a long period of time and, as a result, long-term performance is difficult to predict in a non-adaptive system. Since there are enough individuals who demonstrate significant variations from their enrollment signatures during even a 3-month test, the variation phenomena is well demonstrated as a performance problem.
Historically, the solution to the performance problems attributed to these characteristics is to force those individuals who experience difficulty using a signature verification system to re-enroll in the signature verification system so that the system obtains current samples of the individuals' signing characteristics. However, this is an unacceptable solution for almost all of the applications for this technology. As an example, should the technology be incorporated within the retail industry, each individual having difficulty being electronically verified when trying to use a credit card or when trying to cash a check would have to be re-enrolled in the system. This implies a physical meeting between a system administrator, (e.g. a bank official) and the failing individual. This administration cost for the issuing establishment and for the consumer is unacceptable in this and most other applications. In addition, failing individuals are possibly publicly embarrassed which limits acceptance of such a technology in the consumer marketplace.
Another solution to this problem which was tried in the past was to manually adapt the set of reference signatures of failing individuals. In application, this requires a sales clerk or other transaction administrator to verify the individual's identity in some way other than signature verification, and then to employ an adaptation mechanism which would putatively be an electronic process which would exist at the point of transaction, thereby effectively re-enrolling that individual on the spot. In addition to being time consuming (for example, in a retail check-out line) and difficult to administrate, this solution fails in two respects. First, a sales clerk or other transaction administrator is required to maintain and frequently employ a secondary identity verification mechanism. Second, failure of the secondary mechanism to detect a forger would immediately compromise the signature verification system in that the forger would directly usurp the individual's reference and thereby gain complete control of the transaction medium. Thus, the effectiveness (i.e., the accuracy) of the signature verification system is reduced to that of the secondary mechanism, thereby eliminating the usefulness of the signature verification technology.
Thus, there is a need for a signature verification method which can automatically keep abreast of a user's variations in signing characteristics during the initial phases of system use and throughout the continued use of the system. This method cannot compromise the level of forgery protection.